Which of the following choices BEST ensures the effectiveness of controls related to interest calculation inside an accounting system?
A.
Re-performance
B.
Process walk-through
C.
Observation
D.
Documentation review
the answer is A.
A. To ensure the effectiveness of controls, it is most effective to conduct re-performance. When the same result is obtained after the performance by an independent person, this provides the strongest assurance.
B. Process walk-through may help the auditor to understand the controls better; however, it may not be as useful as conducting re-performance for a sample of transactions.
C. Observation is a valid audit method to verify that operators are using the system appropriately; however, conducting re-performance is a better method.
D. Documentation review may be of some value for understanding the control environment; however, conducting re-performance is a better method.
Is This Answer Correct ? | 8 Yes | 0 No |
Which of the following protocols would be involved in the implementation of a router and interconnectivity device monitoring system? A. Simple network management B. File transfer C. Simple Mail Transfer Protocol D. Telnet
Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports
A primary function of risk management is the identification of cost-effective controls. In selecting appropriate controls, which of the following methods is best to study the effectiveness of adding various safeguards in reducing vulnerabilities? A. "What if" analysis B. Traditional cost/benefit analysis C. Screening analysis D. A "back-of-the-envelope" analysis
An IS auditor doing penetration testing during an audit of Internet connections would: A. evaluate configurations. B. examine security settings. C. ensure virus-scanning software is in use. D. use tools and techniques that are available to a hacker.
Which of the following security techniques is the BEST method for authenticating a user's identity? A. Smart card B. Biometrics C. Challenge-response token D. User ID and password
An organization is considering installing a LAN in a site under construction. If system availability is the main concern, which of the following topologies is MOST appropriate? A. Ring B. Line C. Star D. Bus
An IS auditor's MAJOR concern as a result of reviewing a business process reengineering (BPR) project should be whether the: A. newly designed business process has key controls in place. B. changed process will affect organization structure, finances and personnel. C. roles for suppliers have been redefined. D. process has been documented before and after reengineering.
Peer reviews to detect software errors during a program development activity are called: A. emulation techniques. B. structured walk-throughs. C. modular program techniques. D. top-down program construction.
While reviewing an ongoing project, the IS auditor notes that the development team has spent eight hours of activity on the first day against a budget of 24 hours (over three days). The projected time to complete the remainder of the activity is 20 hours. The IS auditor should report that the project: A. is behind schedule. B. is ahead of schedule. C. is on schedule. D. cannot be evaluated until the activity is completed.
Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized? A. Release-to-release source and object comparison reports B. Library control software restricting changes to source code C. Restricted access to source code and object code D. Date and time-stamp reviews of source and object code
Which of the following network topologies yields the GREATEST redundancy in the event of the failure of one node? A. Mesh B. Star C. Ring D. Bus
Which of the following is MOST likely to occur when a system development project is in the middle of the programming/coding phase? A. Unit tests B. Stress tests C. Regression tests D. Acceptance tests